ALAS-2015-483

Related Vulnerabilities: CVE-2013-5704   CVE-2014-3581   CVE-2014-3583   CVE-2014-8109  

Amazon Linux AMI Security Advisory: ALAS-2015-483
Advisory Release Date: 2015-02-12 10:57 Pacific
Advisory Updated Date: 2015-02-12 11:32 Pacific
Severity: Low

Issue Overview:

mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging multiple Require directives, as demonstrated by a configuration that specifies authorization for one group to access a certain directory, and authorization for a second group to access a second directory. (CVE-2014-8109)

A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after header processing was performed by other modules. This could, for example, lead to a bypass of header restrictions defined with mod_headers. (CVE-2013-5704)

A NULL pointer dereference flaw was found in the way the mod_cache httpd module handled Content-Type headers. A malicious HTTP server could cause the httpd child process to crash when the Apache HTTP server was configured to proxy to a server with caching enabled. (CVE-2014-3581)

The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers. (CVE-2014-3583)


Affected Packages:

httpd24


Issue Correction:
Run yum update httpd24 to update your system.
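
A defender verifying that the update actually landed needs to compare the installed httpd24 version against the fixed 2.4.10-15.58.amzn1 build using RPM's own ordering rules, not plain string comparison. The following is an added example, not code from the advisory or from Amazon: it reimplements rpm's `rpmvercmp` segment ordering in Python and reports whether a given epoch:version-release (as printed by `rpm -q --qf '%{VERSION}-%{RELEASE}' httpd24`) still predates the fix; the installed strings below are constructed samples.

```python
import re

# Fixed httpd24 build named in this advisory (version-release, no epoch).
FIXED_HTTPD24 = "2.4.10-15.58.amzn1"

# A segment is a run of digits or a run of letters; everything else separates.
SEG = re.compile(r"\d+|[A-Za-z]+")

def _skip(s, k):
    # Advance past separator characters; '~' is significant and is not skipped.
    while k < len(s) and s[k] != "~" and not SEG.match(s, k):
        k += 1
    return k

def rpmvercmp(a, b):
    """Order two version (or release) strings like rpm does: returns -1, 0 or 1.
    Numeric segments beat alphabetic ones, numbers compare by value, and a
    '~' sorts before everything, even the end of the string (1.0~rc1 < 1.0)."""
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        i, j = _skip(a, i), _skip(b, j)
        ta = i < len(a) and a[i] == "~"
        tb = j < len(b) and b[j] == "~"
        if ta or tb:
            if ta and tb:          # both have a tilde here: consume and go on
                i, j = i + 1, j + 1
                continue
            return -1 if ta else 1  # the side with the tilde is older
        if i >= len(a) or j >= len(b):
            break
        sa, sb = SEG.match(a, i).group(), SEG.match(b, j).group()
        i, j = i + len(sa), j + len(sb)
        if sa.isdigit() != sb.isdigit():
            return 1 if sa.isdigit() else -1   # numeric segment is newer
        if sa.isdigit():
            sa, sb = sa.lstrip("0"), sb.lstrip("0")
            if len(sa) != len(sb):
                return 1 if len(sa) > len(sb) else -1
        if sa != sb:
            return 1 if sa > sb else -1
    if i >= len(a) and j >= len(b):
        return 0
    return 1 if i < len(a) else -1  # whoever still has segments left is newer

def parse_evr(evr):
    """Split 'epoch:version-release' into (epoch, version, release); epoch defaults to '0'."""
    epoch, _, rest = evr.partition(":") if ":" in evr else ("0", "", evr)
    version, _, release = rest.partition("-")
    return epoch, version, release

def evrcmp(a, b):
    ea, va, ra = parse_evr(a)
    eb, vb, rb = parse_evr(b)
    return rpmvercmp(ea, eb) or rpmvercmp(va, vb) or rpmvercmp(ra, rb)

def is_vulnerable(installed_evr, fixed_evr=FIXED_HTTPD24):
    """True when the installed httpd24 build sorts before the advisory's fixed build."""
    return evrcmp(installed_evr, fixed_evr) < 0
```

Feed it the output of `rpm -q` for each host from inventory; anything that returns True has not yet received the fix listed under New Packages.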

New Packages:
i686:
    mod24_proxy_html-2.4.10-15.58.amzn1.i686
    httpd24-tools-2.4.10-15.58.amzn1.i686
    httpd24-devel-2.4.10-15.58.amzn1.i686
    mod24_ssl-2.4.10-15.58.amzn1.i686
    mod24_ldap-2.4.10-15.58.amzn1.i686
    mod24_session-2.4.10-15.58.amzn1.i686
    httpd24-2.4.10-15.58.amzn1.i686
    httpd24-debuginfo-2.4.10-15.58.amzn1.i686

noarch:
    httpd24-manual-2.4.10-15.58.amzn1.noarch

src:
    httpd24-2.4.10-15.58.amzn1.src

x86_64:
    mod24_session-2.4.10-15.58.amzn1.x86_64
    httpd24-tools-2.4.10-15.58.amzn1.x86_64
    mod24_ldap-2.4.10-15.58.amzn1.x86_64
    httpd24-debuginfo-2.4.10-15.58.amzn1.x86_64
    mod24_ssl-2.4.10-15.58.amzn1.x86_64
    mod24_proxy_html-2.4.10-15.58.amzn1.x86_64
    httpd24-devel-2.4.10-15.58.amzn1.x86_64
    httpd24-2.4.10-15.58.amzn1.x86_64